PRIMARY PURPOSE OF THIS POSITION

Create industry leading IT Risk assessment, treatment and control testing teams. Use these teams to identify enterprise technology risk issues and recommend risk treatment solutions. Create team(s) to deliver technology solutions and coordinate issue closure activities. Create team(s) that will deliver industry best practice automated IT control testing solutions

ESSENTIAL DUTIES AND RESPONSIBILITIES

1. Risk Identification, Assessment and Evaluation

- Develop an IT risk reduction and awareness program.

- Assemble and lead an experienced taskforce to partner with business teams on correlating identified technology risk scenarios to relevant business processes.

- Collaborate with senior business risk managers and key stakeholders to validate technology's portion of their risk appetite.

- Utilize the Service Maturity Model (SMM) framework to identify, assess and evaluate risk for all IT Services. Integrate SMM with a critical business component.

- Conduct training/workshops to ensure that stakeholders understand and contribute to the risk management process.

2. Risk Treatment

- Develop technology risk response action plans used to mitigate risk factors identified during risk assessments.

- Create and oversee a team of technology control specialists that will drive the mitigation of risks in the technology environments.

- Provide CIO and IT service leaders with actionable recommendations for improvement.

- Conduct and lead a technology root cause analysis program and drive improvement resulting from the findings.

- Establish risk control processes and procedures.

3. Risk Analytics and Monitoring

- Automate the collection, validation and analysis of data used to create technology key risk indicators (KRIs) and monitor and communicate their status to relevant stakeholders.

- Create programs to mitigate technology issues identified by KRIs.

- Drive remediation of issues highlighted

- Understand risk exposure for applicable controls as well as evaluate mitigating controls for the risk exposure

- Interact with audit, line 2 and other stakeholders and risk representatives from multiple lines of business

- Serve as liaison and consultant and evaluate impact of new technologies, processes or tools within the technology control area

- Establish and maintain good client relations during testing engagements. Assist in communicating the results of some audit projects to management via written reports and oral presentations

- Ability to work with strategic direction to plan and implement tactical tasks required to deliver on the strategy

- Effectively manage a team of remote technology control testers

- Demonstrate working knowledge of technology focused controls and/or audit testing methodologies

- Effectively leverage knowledge of Industry standards related to technology controls

- Use ability to communicate effectively to stakeholders

- Demonstrate understanding of IT risks and risk mitigation

4. Control Testing

- Create a financial services industry leading automated control testing solution.

- Supervise control testing activities to ensure they are delivered effectively.

- Lead efforts to test information systems controls used to verify effectiveness and efficiency of technology solutions.

- Ensure all technology controls are assigned control owners to establish accountability.

OTHER DUTIES AND RESPONSIBILITIES

Coordinate with external auditors and various senior managers in CTS and in Business as necessary to implement the ITRM framework.

MANAGEMENT/SUPERVISORY RESPONSIBILITIES

Build and manage a staff of technical and senior technical managers to develop and implement the functions and goals of the ITRM team.

This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.